<?php

  //////////////////////////////////////////////////////////////////
  // OrbitFAQ                                                     //
  // ---------                                                    //
  //                                                              //
  // Orbit FAQ was solely written and developed by Orbit Services //
  // http://www.orbitservices.net                                 //
  //                                                              //
  // Access the Forum here:                                       //
  // http://forums.orbitservices.net/index.php?c=4                //
  //                                                              //
  // OrbitFAQ utilises the following opensource projects/classes; //
  //  + Fckeditor - http://www.fckeditor.net                      //
  //  + Smarty Template Engine - http://smarty.php.net            //
  //  + Swift Email Class - http://www.swiftmailer.org/           //
  //  + OWASP PHP Filter Project - http://www.owasp.org           //
  //  + MySQL Search Class by Stephen Bartholomew                 //
  //                                                              //
  //////////////////////////////////////////////////////////////////

  require('incs/config.inc.php');
  require('incs/db.inc.php');
  require('incs/classes.inc.php');

  if($GatherUserStats == '1')
    {
      require('incs/stats.inc.php');
    }

  checkIfLoggedIn();

  // Lets get our common $_GET values and sanitize them
  $faq = sanitize_paranoid_string($_GET['faq']); // Selected FAQ
  $ca = sanitize_paranoid_string($_GET['ca']); // Category
  $qn = sanitize_paranoid_string($_GET['qn']); // Question
  $view = sanitize_paranoid_string($_GET['view']); // View Type
  $action = sanitize_paranoid_string($_GET['action']); // Action

  if(($qn != '')AND($allowRatings == '1')AND((($usersMustBeLoggedInRatings == '1')AND($orbitfaq_accesslevel != '')OR($usersMustBeLoggedInRatings == '0'))))
    {

      $u_id = $_SESSION['orbitfaq_userid'];
      if($u_id == '')
        {
          $u_id = $PHPSESSID;
        }


      $query_add = "INSERT INTO `orbitfaq_ratings` (
          `q_id`,
          `u_id`,
          `rating`
        )VALUES(
          '$qn',
          '$u_id',
          '$posted_rating'
        );

      ";
      $result_add = $faqsql_query ($query_add)OR DIE( "$sql_query_error $query_add");

      $message = "Question has been rated!";

    }

    header("Location: index.php?faq=$faq&ca=$ca&message=$message");

?>